Hacker (computing): Map

Wikipedia article:

Map showing all locations mentioned on Wikipedia article:

In computing, a hacker is
a person in one of several distinct (but not completely disjoint)
communities and subcultures:

People committed to circumvention of computer security. This
primarily concerns unauthorized remote computer break-ins via a
communication networks such as the Internet (Black hats), but also includes those who
debug or fix security problems (White
hats), and the morally ambiguous Grey hats. See "Hacker ".

Today, mainstream usage mostly refers to computer criminals, due to
the mass media usage of the word since the 1980s. This includes
script kiddies, people breaking into
computers using programs written by others, with very little
knowledge about the way they work. This usage has become so
predominant that a large segment of the general public is unaware
that different meanings exist. While the use of the word by
hobbyist hackers is acknowledged by all three kinds of hackers, and
the computer security hackers accept all uses of the word, free
software hackers consider the computer intrusion related usage
incorrect, and refer to security breakers as "crackers" (analogous
to a safecracker).

Hacker definition controversy

The terms hacker and hack
are marked by contrasting positive and negative connotations.
Computer programmers often use the words hacking and
hacker to express admiration for the work of a skilled
software developer, but may also use them in a negative sense to
describe the production of inelegant kludges.
Some frown upon using hacking as a synonym for security cracking -- in distinct contrast
to the larger world, in which the word hacker is typically
used to describe someone who "hacks into" a system by evading or
disabling security measures.

Controversy and ambiguity

While "hack" was originally more used as a verb for "messing about"
with (e.g. "I hack around with computers"), the meaning of the term
has shifted over the decades since it first came into use in a
computer context. As usage has spread more widely, the primary
meaning of newer users of the word has shifted to one which
conflicts with the original primary emphasis.

Currently, "hacker" is used in two main ways, one
pejorative and one complimentary. In popular usage and in the
media, it most often refers to computer intruders or criminals,
with associated pejorative connotations. (For example, "An Internet
'hacker' broke through state government security systems in
March.") In the computing community, the primary meaning is a
complimentary description for a particularly brilliant programmer
or technical expert. (For example, "Linus
Torvalds, the creator of Linux, is
considered by some to be a hacker.") A large segment of the
technical community insist the latter is the "correct" usage of the
word (see the Jargon File definition
below).

The mainstream media's current
usage of the term may be traced back to the early 1980s (see
History). When
the term was introduced to wider society by the mainstream media in
1983, even those in the computer community referred to computer
intrusion as "hacking", although not as the exclusive use of that
word. In reaction to the increasing media use of the term
exclusively with the criminal connotation, the computer community
began to differentiate their terminology. Several alternative terms
such as "black hat" and "cracker" were coined in an effort to
distinguish between those performing criminal activities, and those
whose activities were the legal ones referred to more frequently in
the historical use of the term "hack". Analogous terms such as
"white hats" and "gray
hats" developed as a result. However, since network news use of
the term pertained primarily to the criminal activities despite
this attempt by the technical community to preserve and distinguish
the original meaning, the mainstream media and general public
continue to describe computer criminals with all levels of
technical sophistication as "hackers" and does not generally make
use of the word in any of its non-criminal connotations.

As a result of this difference, the definition is the subject of
heated controversy. The wider dominance of the pejorative
connotation is resented by many who object to the term being taken
from their cultural jargon and used
negatively, including those who have historically preferred to
self-identify as hackers. Many advocate using the more recent and
nuanced alternate terms when describing criminals and others who
negatively take advantage of security flaws in software and
hardware. Others prefer to follow common popular usage, arguing
that the positive form is confusing and unlikely to become
widespread in the general public. A minority still stubbornly use
the term in both original senses despite the controversy, leaving
context to clarify (or leave ambiguous) which meaning is intended.
It is noteworthy, however, that the positive definition of hacker
was widely used as the predominant form for many years before the
negative definition was popularized.

"Hacker" can therefore be seen as a shibboleth, identifying those who use the
technically-oriented sense (as opposed to the exclusively
intrusion-oriented sense) as members of the computing
community.

A possible middle ground position has been suggested, based on the
observation that "hacking" describes a collection of skills which
are used by hackers of both descriptions for differing reasons. The
analogy is made to locksmithing, specifically picking locks, which
— aside from its being a skill with a fairly high tropism to 'classic' hacking — is a skill which can
be used for good or evil. The primary weakness of this analogy is
the inclusion of script kiddies in
the popular usage of "hacker", despite the lack of an underlying
skill and knowledge base.

Fred Shapiro thinks that "the common theory that 'hacker'
originally was a benign term and the malicious connotations of the
word were a later perversion is untrue." He found out that the
malicious connotations were present at MIT in 1963 already and then
referred to unauthorized users of the telephone network (which are
also called phreakers).

History

1950s: amateur radio enthusiasts
defined the term hacking as creatively tinkering to
improve performance.

1959:
hack is defined in MIT's Tech Model Railroad Club Dictionary
as "1) an article or project without constructive end; 2) a project
undertaken on bad self-advice; 3) an entropy booster; 4) to
produce, or attempt to produce, a hack(3)." hacker is
defined as "one who hacks, or makes them." Much of the
TMRC's jargon is later imported into early computing culture.

1963: The first recorded reference to hackers in the computer
sense is made in The Tech (MIT Student Magazine).

1972: Stewart Brand publishes "S P
A C E W A R: Fanatic Life and Symbolic Death Among the Computer
Bums" in Rolling Stone, an
early piece describing computer culture. In it, Alan Kay is quoted as saying "A true hacker is not
a group person. He's a person who loves to stay up all night, he
and the machine in a love-hate relationship... They're kids who
tended to be brilliant but not very interested in conventional
goals[...] It's a term of derision and also the ultimate
compliment."

1980: The August issue of Psychology Today prints (with
commentary by Philip Zimbardo) "The
Hacker Papers", an excerpt from a Stanford Bulletin Board
discussion on the addictive nature of computer use.

1982: In the film TRON, Kevin Flynn
(Jeff Bridges) describes his intentions
to break into ENCOM's computer system, saying "I've been doing a
little hacking here". CLU is the software
he uses for this.

1983:
The movie WarGames, featuring a computer
intrusion into NORAD, is
released.A gang of 6 teenagers is caught breaking into
dozens of computer systems, including that of Los Alamos
National Laboratory.Newsweek
features the cover story "Beware: Hackers at play." First Usenet post on the use of the term hacker in
the media (CBS News) to mean computer criminal. Pressured by media
coverage of computer intrusions, Congress begins work on new laws
for computer security.

2000: Michael Calce (better known as MafiaBoy) attacks and disables Yahoo!, Amazon.com,
CNN, Dell, Inc., and E*TRADE. President calls for emergency Cyber
Security Summit as a result of the attacks. The estimated losses in
the attacks was 1.2 billion USD.

Contemporary use

The
modern, computer-related use of the term is considered likely
rooted in the goings on at the Massachusetts
Institute of Technology (MIT) in the 1960s, long before computers became
common; the word "hack" was
local slang which had a large number of
related meanings. One was a simple, but often inelegant,
solution to a problem. It also meant any clever prank
perpetrated by MIT students; logically, the perpetrator was a
hacker. To this day the terms hack and
hacker are used in several ways at MIT, without
necessarily referring to computers. When MIT students
surreptitiously put a fake police car atop the dome on MIT's Building 10,
that was a hack, and the students involved were therefore hackers.
Another type of hacker — one who explores undocumented or
unauthorized areas in buildings — is now called a reality hacker or urban spelunker.

The earliest known use of the term in this manner is from the 20
November 1963 issue of The Tech, the student paper of MIT:

Many telephone services have been curtailed because of
so-called hackers, according to Prof. Carlton Tucker, administrator
of the Institute phone system.

[…] The hackers have accomplished such things as tying
up all the tie-lines between Harvard and MIT, or making
long-distance calls by charging them to a local radar
installation.

One method involved connecting the PDP-1 computer to
the phone system to search the lines until a dial tone, indicating
an outside line, was found.

[…] Because of the 'hacking', the majority of the MIT
phones are 'trapped'.

Originally, the term "hack" was applied almost exclusively to
programming or electrical engineering, but it has
come to be used in some circles for almost any type of clever
circumvention, in phrases such as "hack the media", "hack your
brain" and "hack your reputation".

Negative usage in engineering

Another meaning of the term "hack", similar to kludge and distinct from both the positive and
security-related meanings discussed above, derives from the
everyday English sense "to cut or shape by or as if by crude or
ruthless strokes" [Merriam-Webster]. In other words to "hack" at an
original creation, as if with an axe, is to force-fit it into being
usable for a task not intended by the original creator, and a
"hacker" would be someone who does this habitually. (The original
creator and the hacker may be the same person.)

This usage is common in both programming and engineering. In
programming, hacking in this sense appears to be tolerated and seen
as a necessary compromise in many situations. In non-software
engineering, the culture is less tolerant of unmaintainable
solutions, even when intended to be temporary, and describing
someone as a "hacker" might imply that they lack professionalism.
In this sense, the term has no real positive connotations, except
for the idea that the hacker is capable of doing modifications that
allow a system to work in the short term, and so has some sort of
marketable skills. There is always, however, the understanding that
a more skillful, or technical, logician could have produced
successful modifications that would not be considered a
"hack-job".

The definition is similar to other, non-computer based, uses of the
term "hack-job". For instance, a professional modification of a
production sports car into a racing machine would not be considered
a hack-job, but a cobbled together backyard mechanic's result could
be. Even though the outcome of a race of the two machines could not
be assumed, a quick inspection would instantly reveal the
difference in the level of professionalism of the designers.

Computer security hackers

In computer security, a hacker is someone who focuses on security
mechanisms of computer and network systems. While including those
who endeavor to strengthen such mechanisms, it is more often used
by the mass media and popular culture to
refer to those who seek access despite these security measures.
That is, the media portrays the 'hacker' as a villain.
Nevertheless, parts of the subculture see their aim in correcting
security problems and use the word in a positive sense. They
operate under a code, which acknowledges
that breaking into other people's computers is bad, but that
discovering and exploiting security mechanisms and breaking into
computers is still an interesting activity that can be done
ethically and legally. Accordingly, the term bears strong
connotations that are favorable or pejorative, depending on the
context.

The subculture around such hackers is termed network hacker
subculture, hacker scene or computer underground. It initially
developed in the context of phreaking
during the 1960s and the microcomputer BBS scene of the 1980s. It is
implicated with 2600: The
Hacker Quarterly and the alt.2600 newsgroup.

By 1983, hacking in the sense of breaking computer security had
already been in use as computer jargon, but there was no public
awareness about such activities. However, the release of the movie
WarGames that year raised the
public belief that computer security hackers (especially teenagers)
could be a threat to national security. This concern became
real when a gang of teenage hackers in
Milwaukee,
Wisconsin known as The 414s broke
into computer systems throughout the United States and Canada, including
those of Los Alamos National Laboratory, Sloan-Kettering Cancer Center and Security
Pacific Bank. The case quickly grew media attention, and
17-year-old Neal Patrick emerged as the spokesman for the gang,
including a cover story in Newsweek entitled "Beware: Hackers at play",
with Patrick's photograph on the cover. The Newsweek article
appears to be the first use of the word hacker by the
mainstream media in the pejorative sense.

As a result of news coverage, congressman Dan Glickman called for an investigation and
new laws about computer hacking.Neal Patrick testified before the
U.S.House of Representatives on
September 26, 1983 about the dangers of computer hacking, and six
bills concerning computer crime were introduced in the House that
year. As a result of these laws against computer criminality,
white hat, grey
hat and black hat hackers try to
distinguish themselves from each other, depending on the legality
of their activities.

The programmer subculture of hackers

The computer security use is contrasted by the different
understanding of hacker as a person who follows a spirit of playful
cleverness and loves programming. It is found in an originally
academic movement unrelated to computer security and most visibly
associated with free software and
open source. It also has a hacker ethic, based on the idea that writing
software and sharing the result on a voluntary basis is a good
idea, and that information should be free, but that it's not up to
the hacker to make it free by breaking into private computer
systems. Academic hackers disassociate from the mass media's
pejorative use of the word 'hacker' referring to computer security,
and usually prefer the term 'cracker' for that meaning.

In this hacker culture, a computer hacker is a person who enjoys
designing software and building programs with a sense for
aesthetics and playful cleverness. The term hack in this sense can be traced back to "describe the
elaborate college pranks that...students would regularly devise"
(Levy, 1984 p.10). To be considered a 'hack' was an honour among
like-minded peers as "to qualify as a hack, the feat must be imbued
with innovation, style and technical virtuosity" (Levy, 1984
p.10)

According to Eric S.Raymond, the Open source and Free Software
hacker subculture developed in the 1960s among ‘academic hackers’
working on early minicomputers in
computer science environments in
the United States. After 1969 it fused with the technical culture
of the pioneers of the Arpanet. The PDP-10 machine AI at MIT, which was
running the ITS
operating system and was connected to the Arpanet, provided an
early hacker meeting point. After 1980 the subculture
coalesced with the culture of Unix, and after
1987 with elements of the early microcomputer hobbyists that themselves had
connections to radio amateurs in the 1920s. Since the mid-1990s, it
has been largely coincident with what is now called the free software and open source movement.

Within the academic hacker culture, the term hacker is also used
for a programmer who reaches a goal by employing a series of
modifications to extend existing code or
resources. In this sense, it can have a negative connotation of
using kludges to accomplish programming tasks
that are ugly, inelegant, and inefficient. This derogatory form of
the noun "hack" is even used
among users of the positive sense of "hacker" (some argue that it
should not be, due to this negative meaning; others argue that some
kludges can, for all their ugliness and imperfection, still have
"hack value"). In a very universal sense, hacker also means someone
who makes things work beyond perceived limits in a clever way in
general. That is, people who apply the creative attitude of
software hackers in fields other than computing. This includes even
activities that predate computer hacking, for example reality hackers. More recent examples of this
usage are wetware hackers and
media hackers. According to the
Jargon File the word hacker was used in a similar meaning
among radio amateurs already in the 1950s.

The culture sometimes uses jargon which is "incomprehensible to
outsiders". Examples are 'losing' "when a piece of equipment is not
working" and 'munged' "when a piece of equipment is ruined".

Home computer hackers

In a third meaning, hacker refers to computer hobbyists who push
the limits of their software or hardware. The home computer hacking
subculture relates to the hobbyist home computing of the late
1970s, beginning with the availability of MITS Altair. An influential organization was the
Homebrew Computer Club.

The areas that did not fit together with the academic hacker
subculture focus mainly on commercial computer and video games, software cracking and exceptional computer
programming (demo scene). Also of
interest to some members of this group is the modification of
computer hardware and other electronic devices, see modding.

Overlaps and differences

The main basic difference between academic and computer security
hackers is their mostly separate historical origin and development.
However, the Jargon File reports that considerable overlap
existed for the early phreaking at the beginning of the 1970s. An
article from MIT's student paper The Tech used the term
hacker in this context already in 1963 in its pejorative meaning
for someone messing with the phone system. The overlap quickly
started to break when people joined in the activity who did it in a
less responsible way. This was the case after the publication of an
article exposing the activities of Draper and Engressias.

According to Raymond, academic hackers usually work openly and use
their real name, while computer security hackers prefer secretive
groups and identity-concealing aliases. Also, their activities in
practice are largely distinct. The former focus on creating new and
improving existing infrastructure (especially the software
environment they work with), while the latter primarily and
strongly emphasize the general act of circumvention of security
measures, with the effective use of the knowledge (which can be to
report and help fixing the security bugs, or exploitation for
criminal purpose) being only rather secondary. The most visible
difference in these views was in the design of the MIT hackers'
Incompatible Timesharing
System, which deliberately didn't have any security
measures.

There are some subtle overlaps, however, since basic knowledge
about computer security is also common within the academic hacker
community. For example, Ken Thompson noted during his 1983 Turing Award lecture that it is possible to add
code to the UNIX "login" command that would
accept either the intended encrypted password or a particular known password, allowing a
back door into the system with the latter password. He named his
invention the "Trojan
horse." Furthermore, Thompson argued, the C
compiler itself could be modified to automatically generate the
rogue code, to make detecting the modification even harder. Because
the compiler is itself a program generated from a compiler, the
Trojan horse could also be automatically installed in a new
compiler program, without any detectable modification to the source
of the new compiler. However, Thompson disassociated himself
strictly from the computer security hackers: "I would like to
criticize the press in its handling of the 'hackers,' the 414 gang,
the Dalton gang, etc. The acts performed by these kids are
vandalism at best and probably trespass and theft at worst. ... I
have watched kids testifying before Congress. It is clear that they
are completely unaware of the seriousness of their acts."

The academic hacker community sees secondary circumvention of
security mechanisms as legitimate if it is done to get practical
barriers out of the way for doing actual work. In special forms,
that can even be an expression of playful cleverness. However, the
systematic and primary engagement in such activities is not one of
the actual interests of the academic hacker subculture and it
doesn't have significance in its actual activities, either. A
further difference is that, historically, academic hackers were
working at academic institutions and used the computing environment
there. In contrast, the prototypical computer security hacker had
access exclusively to a home computer and a modem. However since
the mid-1990s, with home computers that could run Unix-like
operating systems and with inexpensive internet home access being
available for the first time, many people from outside of the
academic world started to take part in the academic hacking
subculture.

Since the mid-1980s, there are some overlaps in ideas and members
with the computer security hacking community. The most prominent
case is Robert T. Morris, who was a user of MIT-AI, yet wrote the
Morris worm. The Jargon File
hence calls him "a true hacker who blundered". Nevertheless,
members of the academic subculture have a tendency to look down on
and disassociate from these overlaps. They commonly refer
disparagingly to people in the computer security subculture as
crackers, and refuse to accept any definition of hacker that
encompasses such activities. The computer security hacking
subculture on the other hand tends not to distinguish between the
two subcultures as harshly, instead acknowledging that they have
much in common including many members, political and social goals,
and a love of learning about technology. They restrict the use of
the term cracker to their categories of script kiddies and black
hat hackers instead.

All three subcultures have relations to hardware modifications. In
the early days of network hacking, phreaks were building blue boxes and various variants. The academic
hacker culture has stories about several hardware hacks in its
folklore, such as a mysterious 'magic' switch attached to a PDP-10
computer in MIT's AI lab, that, when turned off, crashed the
computer. The early hobbyist hackers built their home computers
themselves, from construction kits. However, all these activities
have died out during the 1980s, when the phone network switched to
digitally controlled switchboards, causing network hacking to shift
to dialing remote computers with modems, when pre-assembled
inexpensive home computers were available, and when academic
institutions started to give individual mass-produced workstation
computers to scientists instead of using a central timesharing
system. The only kind of widespread hardware modification nowadays
is case modding.

An encounter of the academic and the computer security hacker
subculture occurred at the end of the 1980s, when a group of
computer security hackers, sympathizing with the Chaos Computer Club (who disclaimed any
knowledge in these activities), broke into computers of American
military organizations and academic institutions. They sold data
from these machines to the Soviet secret service, one of them in
order to fund his drug addiction. The case could be solved when
Clifford Stoll, a scientist working
as a system administrator, found ways to log the attacks and to
trace them back (with the help of many others). 23, a German film adaption with fictional
elements, shows the events from the attackers' perspective. Stoll
described the case in his book The Cuckoo's Egg and in the TV
documentary The KGB, the Computer, and Me from the other
perspective. According to Eric S. Raymond, it "nicely illustrates
the difference between 'hacker' and 'cracker'. Stoll's portrait of
himself, his lady Martha, and his friends at Berkeley and on the
Internet paints a marvelously vivid picture of how hackers and the
people around them like to live and how they think."